Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Do you allow http to ports other than 80?

To: <[email protected]>
Subject: Re: [FW1] Do you allow http to ports other than 80?
From: "Josh Medina" <[email protected]>
Date: Tue, 17 Jul 2001 19:47:35 -0600
References: <[email protected]>
Sender: [email protected]

I certainly would not allow this. I might allow an FTP site on another port,
but even then I would asign the port and ask a lot questions.



----- Original Message -----
From: "Greg Winkler" <[email protected]>
To: <[email protected]>
Sent: Monday, July 16, 2001 1:34 PM
Subject: [FW1] Do you allow http to ports other than 80?


>
>
> Recently I've been bombarded by requests from my users to gain access to
> websites outside the company that run on ports other than 80. Off the top
> of my head I recall sites running on 9022, 8095, 81, 89, 8081, 8080, and
> I'm sure I've forgotten a few. Up until today I could never get them to
> work. I've just learned that, YES, it is possible to allow this on a
> firewall by creating a new service with a protocol type set to URI and by
> adding a line to fwauthd.conf of the format
>
> port#         in.ahttpd       wait    0
>
> It was the update to fwauthd.conf that had me stymied.
>
> My only objection now is that each of these new ports requires another
http
> security server process to monitor it. I'd just as soon not have a million
> security servers running on my firewall to support a very small community
> of users who need access to these oddball websites.
>
> Just what is it with these website admins? Why must they run their sites
on
> odd port numbers? What's scary is that some of the sites are running on
> ports that have been assigned to other services. What the heck is one to
do
> when the web-site conflicts with the legitimate use of that port?
>
> I feel like making a stand...."Just say NO to websites that don't run on
> port 80". But it appears I will just get stampeded. Do you allow access to
> these sites where you work?
>
> --------------------------------------------------------------------------
--------------
>
> Greg Winkler
> Systems Manager, IT&S
> Huntsman Corporation
> Internet Mail: [email protected]
> Voice:> Fax:>
>
>
>
>
============================================================================
====
>      To unsubscribe from this mailing list, please see the instructions at
>                http://www.checkpoint.com/services/mailing.html
>
============================================================================
====
>
>



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

References:
- [FW1] Do you allow http to ports other than 80?
  - From: "Greg Winkler" <[email protected]>

Prev by Date: RE: [FW1] Do you allow http to ports other than 80?
Next by Date: [FW1] Problem with Management Station
Previous by thread: [FW1] Do you allow http to ports other than 80?
Next by thread: RE: [FW1] Do you allow http to ports other than 80?
Index(es):
- Date
- Thread